/*
 * Copyright (c) zhg2yqq.com Corp.
 * All Rights Reserved.
 */
package com.zhg2yqq.wheels.security.context;

import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.stream.Collectors;

import org.springframework.security.core.CredentialsContainer;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.SpringSecurityCoreVersion;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;

import com.zhg2yqq.wheels.common.constants.Status;
import com.zhg2yqq.wheels.common.dto.CurrentUserDTO;

/**
 * @author zhg2yqq, 2022年11月28日
 * @version zhg2yqq v1.0
 */
public class SecurityLoginUser extends CurrentUserDTO implements UserDetails, CredentialsContainer {

    private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID;

    private String encodePwd;
    // 状态
    private String status;
    private List<String> roleCodes;
    //    // 权限，key:code，value:method（POST/GET/PUT/DELETE/*）
//    private Map<String, String> permissions;
    // 登陆平台
    private String loginPlatform;
    // 认证有效时间 单位毫秒
    private Long securityTtl;
    // 额外信息
    private Map<String, String> extras;
    // 认证信息
    private String accessToken;
    // 随机字符串
    private String accessKey;

    public SecurityLoginUser(String id, String username, List<String> roleCodes) {
        super(id, username);
        this.roleCodes = roleCodes;
    }

    public SecurityLoginUser(String id, String username) {
        super(id, username);
    }

    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        if (roleCodes == null) {
            return Collections.emptySet();
        }
        return roleCodes.stream().map(SimpleGrantedAuthority::new)
                .collect(Collectors.toSet());
    }

    @Override
    public String getPassword() {
        return this.getEncodePwd();
    }

    /**
     * 账户是否未过期，过期无法验证
     */
    @Override
    public boolean isAccountNonExpired() {
        return true;
    }

    /**
     * 指定用户是否解锁，锁定的用户无法进行身份验证
     * <p>
     * 密码锁定
     * </p>
     */
    @Override
    public boolean isAccountNonLocked() {
        return !Objects.equals(this.getStatus(), Status.LOCKED);
    }

    /**
     * 指示是否已过期的用户的凭据(密码)，过期的凭据防止认证
     */
    @Override
    public boolean isCredentialsNonExpired() {
        return true;
    }

    /**
     * 用户是否被启用或禁用。禁用的用户无法进行身份验证。
     */
    @Override
    public boolean isEnabled() {
        return !Objects.equals(this.getStatus(), Status.DISABLED);
    }

    /**
     * 认证完成后，擦除密码
     */
    @Override
    public void eraseCredentials() {
        this.setEncodePwd(null);
    }

    public List<String> getRoleCodes() {
        return roleCodes;
    }

    public void setRoleCodes(List<String> roleCodes) {
        this.roleCodes = roleCodes;
    }

//    public Map<String, String> getPermissions() {
//        return permissions;
//    }
//
//    public void setPermissions(Map<String, String> permissions) {
//        this.permissions = permissions;
//    }

    public String getEncodePwd() {
        return encodePwd;
    }

    public void setEncodePwd(String encodePwd) {
        this.encodePwd = encodePwd;
    }

    public String getStatus() {
        return status;
    }

    public void setStatus(String status) {
        this.status = status;
    }

    public String getLoginPlatform() {
        return loginPlatform;
    }

    public void setLoginPlatform(String loginPlatform) {
        this.loginPlatform = loginPlatform;
    }

    public String getAccessKey() {
        return accessKey;
    }

    public void setAccessKey(String accessKey) {
        this.accessKey = accessKey;
    }

    public Long getSecurityTtl() {
        return securityTtl;
    }

    public void setSecurityTtl(Long securityTtl) {
        this.securityTtl = securityTtl;
    }

    public Map<String, String> getExtras() {
        return extras;
    }

    public void setExtras(Map<String, String> extras) {
        this.extras = extras;
    }

    public String getAccessToken() {
        return accessToken;
    }

    public void setAccessToken(String accessToken) {
        this.accessToken = accessToken;
    }
}
